Legal claims defining the scope of protection, as filed with the USPTO.
1. A non-transitory computer-readable medium comprising instructions which, when executed by at least one processor, cause the at least one processor to perform operations comprising: receiving, by an aggregator service, a client identifier (ID) that is associated with both the aggregator service and a user application, the client ID associated with at least one scope governing access to an authorizing service, wherein the aggregator service collects customer data from a customer account held at an institution and provides the customer data to user applications; obtaining, by the aggregator service and based on the client ID, at least one authorization token, wherein the at least one authorization token is issued on behalf of an account holder, and wherein the at least one authorization token provides the aggregator service with access to account data associated with the account holder on behalf of the user application, the access being governed according to at least one scope of permission as provided by the account holder; and accessing, by the aggregator service and based on the at least one authorization token, the account data in accordance with the at least one scope of permission indicated by the least one authorization token.
2. The medium of claim 1 , wherein the at least one authorization token is obtained based on the client ID.
3. The medium of claim 1 , wherein the operations further comprise sending a request for the client ID, the request indicating a purpose for the access to the authorizing service, wherein the client ID is generated and issued based at least partly on determining that the at least one scope is appropriate for the purpose.
4. The medium of claim 1 , wherein the operations further comprise: presenting a user interface (UI) dialog to the account holder; and obtaining, through the UI dialog consent from the account holder for the at least one scope of permission.
5. The medium of claim 1 , wherein the at least one authorization token is specific to the account holder.
6. The medium of claim 1 , wherein the at least one authorization token includes a refresh token and an access token.
7. The medium of claim 1 , wherein the at least one authorization token is associated with a blockchain in a block that corresponds to the aggregator service.
8. The medium of claim 7 , wherein the at least one authorization token is a hashed version of a block address of a record in the block.
9. The medium of claim 1 , wherein the at least one authorization token provides the aggregator service with access to a subset of account data associated with the account holder on behalf of the user application, the access being governed according to the at least one scope of permission as provided by the account holder, and the subset of account data being less than all of the account data associated with the account holder, and wherein accessing the account data comprises accessing the subset of account data in accordance with the at least one scope of permission indicated by the least one authorization token.
10. A computer-implemented method executed by at least one processor, the method comprising: receiving, by an aggregator service, a client identifier (ID) that is associated with both the aggregator service and a user application, the client ID associated with at least one scope governing access to an authorizing service, wherein the aggregator service collects customer data from a customer account held at an institution and provides the customer data to user applications; obtaining, by the aggregator service and based on the client ID, at least one authorization token, wherein the at least one authorization token is issued on behalf of an account holder, and wherein the at least one authorization token provides the aggregator service with access to account data associated with the account holder on behalf of the user application, the access being governed according to at least one scope of permission as provided by the account holder; and accessing, by the aggregator service and based on the at least one authorization token, the account data in accordance with the at least one scope of permission indicated by the least one authorization token.
11. The method of claim 10 , wherein the at least one authorization token is obtained based on the client ID.
12. The method of claim 10 , further comprising sending a request for the client ID, the request indicating a purpose for the access to the authorizing service, wherein the client ID is generated and issued based at least partly on determining that the at least one scope is appropriate for the purpose.
13. The method of claim 10 , further comprising: presenting a user interface (UI) dialog to the account holder; and obtaining, through the UI dialog consent from the account holder for the at least one scope of permission.
14. The method of claim 10 , wherein the at least one authorization token is specific to the account holder.
15. The method of claim 10 , wherein the at least one authorization token includes a refresh token and an access token.
16. The method of claim 10 , wherein the at least one authorization token is associated with a blockchain in a block that corresponds to the aggregator service.
17. The method of claim 16 , wherein the at least one authorization token is a hashed version of a block address of a record in the block.
18. A system comprising: at least one processor; and a data store coupled to the at least one processor having instructions stored thereon which, when executed by the at least one processor, causes the at least one processor to perform operations comprising: receiving, by an aggregator service, a client identifier (ID) that is associated with both the aggregator service and a user application, the client ID associated with at least one scope governing access to an authorizing service, wherein the aggregator service collects customer data from a customer account held at an institution and provides the customer data to user applications; obtaining, by the aggregator service and based on the client ID, at least one authorization token, wherein the at least one authorization token is issued on behalf of an account holder, and wherein the at least one authorization token provides the aggregator service with access to account data associated with the account holder on behalf of the user application, the access being governed according to at least one scope of permission as provided by the account holder; and accessing, by the aggregator service and based on the at least one authorization token, the account data in accordance with the at least one scope of permission indicated by the least one authorization token.
19. The system of claim 18 , wherein the at least one authorization token is obtained based on the client ID.
20. The system of claim 18 , wherein the operations further comprise sending a request for the client ID, the request indicating a purpose for the access to the authorizing service, wherein the client ID is generated and issued based at least partly on determining that the at least one scope is appropriate for the purpose.
21. The system of claim 18 , wherein the operations further comprise: presenting a user interface (UI) dialog to the account holder; and obtaining, through the UI dialog consent from the account holder for the at least one scope of permission.
Unknown
July 13, 2021
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.